DOCSLIB.ORG

Making Slackware Mail Server Making Slackware Mail Server

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Making Slackware Mail Server Making Slackware Mail Server 2021/07/27 18:06 (UTC) 1/8 Making Slackware Mail Server Making Slackware Mail Server This article shows how to make an Slackware machine your personal Mail Server. This howto is for Slackware 64 13.37, but with few changes you can adapt it to the newest member of Slackware familly Slackware 14. Before we begin I must say that you need a normal installation of Slackware, without any special packages. The packages we will need to make the Mail Server we will manually download and install from Slackbuilds.org. I preffer the Cyrus SASL authentication method and Cyrus IMAP for remote login, insted of other alternatives like qpopper or dovecot. Let's get started then , we will need to install Cyrus-SASL, Postfix, Cyurs-IMAP and then configure them all to use Certificates for encrypting the mail packages that traverse the Internet. Installing Cyrus-SASL # cd /tmp # mkdir cyrus-sasl # cd cyrus-sasl # wget ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/source/n/cyrus-sasl/ cyrus-sasl-2.1.23.tar.xz # wget ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/source/n/cyrus-sasl/ cyrus-sasl.SlackBuild # wget ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/source/n/cyrus-sasl/ doinst.sh.gz # wget ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/source/n/cyrus-sasl/ rc.saslauthd.gz # wget ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/source/n/cyrus-sasl/ slack-desc # joe cyrus-sasl.SlackBuild and add the following lines after “–disable static” --enable-plain \ --disable-digest \ # sh cyrus-sasl.SlackBuild # installpkg /tmp/cyrus-sasl-2.1.23-x86_64-1.txz SlackDocs - https://docs.slackware.com/ Last update: 2019/02/16 16:44 howtos:network_services:postfix_with_cyrus https://docs.slackware.com/howtos:network_services:postfix_with_cyrus (UTC) Installing Postfix # cd /tmp # mkdir postfix # cd postfix # wget http://postfix.cs.utah.edu/source/official/postfix-2.8.3.tar.gz # wget http://slackbuilds.org/slackbuilds/13.37/network/postfix/README # wget http://slackbuilds.org/slackbuilds/13.37/network/postfix/doinst.sh # wget http://slackbuilds.org/slackbuilds/13.37/network/postfix/postfix.SlackBuild # wget http://slackbuilds.org/slackbuilds/13.37/network/postfix/postfix.info # wget http://slackbuilds.org/slackbuilds/13.37/network/postfix/rc.postfix # wget http://slackbuilds.org/slackbuilds/13.37/network/postfix/slack-desc # joe postfix.Slackbuild Edit the following line and replace “dovecot” with “cyrus” like this SASL=${SASL:-cyrus} In order to begin Postfix installation you will need to create postfix user and group (also keep in mind that we need to add user postfix and user cyrus to the same group, mail group that is). # groupadd -g 200 postfix # useradd -u 200 -d /dev/null -s /bin/false -g postfix postfix -G mail # groupadd -g 201 postdrop # sh postfix.SlackBuild # installpkg /tmp/postfix-2.8.3-x86_64-1_SBo.tgz Before we continue with installation of IMAP server we need to assure that Postfix is working and we can authenticate with sasl. Let's make some basic Postfix configuration and some basic SASL configuration. I will be explaining plain auth because later on we will use it togheter with SASL to authenticate. First of all we need to make our aliases and tell Postfix to use aliases maps from /etc/postfix/aliases, so : # joe /etc/postfix/main.cf Edit these lines and make them look like this : alias_maps = hash:/etc/postfix/aliases alias_database = hash:/etc/postfix/aliases Now let's add a user to the Slackware machine, a user who will also can read and send mail. # adduser https://docs.slackware.com/ Printed on 2021/07/27 18:06 (UTC) 2021/07/27 18:06 (UTC) 3/8 Making Slackware Mail Server Login name for new user []: slackware_user User ID ('UID') [ defaults to next available ]: press ENTER Initial group [ users ]: 200 Home directory [ /home/xxxxxx ]: press ENTER Shell [ /bin/bash ]: /bin/false Do you wish to change the sheel? (Y/n): n Expiry date (YYYY-MM-DD) []: press ENTER Press ENTER and imput full name and other account relates stuff. Also specify an password for your newly created user. Now edit /etc/postfix/aliases and modifiy it to your needs : root : slackware_user office: slackware_user Now update your aliases database issuing the command : # postalias hash:/etc/postfix/aliases It is now time to make our important configurations for Postfix in order for it to run. # joe /etc/postfix/main.cf myhostname = mx.yourdomain.tld mydomain = yourdomain.tld myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mynetworks = 127.0.0.0/8 Let's now configure Postfix to authenticate users using SASL # mkdir /etc/sasl2 # cd /etc/sasl2 # touch smtpd.conf # joe smtpd.conf pwcheck_method: saslauthd mech_list: PLAIN LOGIN Now let's configure Postfix to have users authenticate using SASL. Edit /etc/postfix/main.cf and add the folowing code to the end of the file : smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination Let's start the daemons and test our configurations until now: # saslauthd -a shadow SlackDocs - https://docs.slackware.com/ Last update: 2019/02/16 16:44 howtos:network_services:postfix_with_cyrus https://docs.slackware.com/howtos:network_services:postfix_with_cyrus (UTC) # postfix start Then from another machine telnet into your mail server on port 25 and issue the following commands : # telnet mx.mailserver.com 25 ehlo user.mailserver.tld 250-mx.mailserver.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN Y4R0QYxpcuHsFBRbbGjnPHIwYjB0MWrpMTk7La== 235 2.7.0 Authentication successful MAIL FROM: <[email protected]> 250 2.1.0 Ok RCPT TO: <[email protected]> 250 2.1.5 Ok DATA 354 End data with <CR><LF>.<CR><LF> HI. This mail is a test . 250 2.0.0 Ok: queued as 4C0EE221E93 QUIT In order to find out the string after AUTH PLAIN enter the commandprintf 'user\0user\0password' | mmencode on your mail server, where user is your username and password is your password Rember to put the “.” at the end so the mail can be sent to qeue daemon Installing Mail Delivery and Cyrus IMAP # cd /tmp # mkdir cyrus-imap # cd cyrus-imap # wget http://cyrusimap.org/releases/cyrus-imapd-2.4.12.tar.gz # wget http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/README # wget https://docs.slackware.com/ Printed on 2021/07/27 18:06 (UTC) 2021/07/27 18:06 (UTC) 5/8 Making Slackware Mail Server http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/README.SLACKWAR E # wget http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/cyrus-imapd.Sla ckBuild # wget http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/cyrus-imapd.inf o # wget http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/doinst.sh # wget http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/imapd.conf # wget http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/patches # wget http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/rc.cyrus-imapd # wget http://slackbuilds.org/slackbuilds/13.37/network/cyrus-imapd/slack-desc # mkdir patches # cd patches/ # wget http://mirrors.vbi.vt.edu/mirrors/linux/slackbuilds/13.37/network/cyrus-imap d/patches/cyrus-imapd-2.4.4-autocreate-0.10-0-sv1.patch # wget http://mirrors.vbi.vt.edu/mirrors/linux/slackbuilds/13.37/network/cyrus-imap d/patches/cyrus-imapd-2.4.4-autosieve-0.6.0-sv1.patch # cd /tmp/cyrus-imap # groupadd -g 238 cyrus # useradd -d /var/imap -s /bin/sh -u 238 -g 238 cyrus -G mail # sh cyrus-imapd.SlackBuild # installpkg /tmp/cyrus-imapd-2.4.12-x86_64-1_SBo.tgz # mkdir -m 750 -p /var/imap /var/spool/imap /var/sieve # chown cyrus:mail /var/imap /var/spool/imap /var/sieve # su - cyrus # /usr/doc/cyrus-imapd-2.4.12/tools/mkimap # su - root Edit /etc/imapd.conf and add the following lines: sasl_mech_list: PLAIN LOGIN allowplaintext: yes Edit /etc/postfix/main.cf and at mailbox_transport add the following: mailbox_transport = lmtp:unix:/var/imap/socket/lmtp The last step to do is to add users to your imap server. For that you need to issue these commands : # passwd cyrus and add a password for cyrus user SlackDocs - https://docs.slackware.com/ Last update: 2019/02/16 16:44 howtos:network_services:postfix_with_cyrus https://docs.slackware.com/howtos:network_services:postfix_with_cyrus (UTC) # cyradm --user cyrus --server localhost --auth plain localhost>cm user.slackware_user localhost>lm localhost> quit slackware_user is the user you have created in your slackware machine At this point we have an functional Mail Server but with users authenticating in plain text . So the next step is innevitabile. SSL / TLS Postfix and Cyrus Let's start by creating our certificates and configuring POSTFIX to use STARTTLS. # cd /etc/ssl # misc/CA.pl -newca ( complete all entries) # openssl req -new -nodes -keyout mailkey.pem -out mailreq.pem -days 36500 # openssl ca -out mail_signed_cert.pem -infiles mailreq.pem # cp /etc/ssl/mailkey.pem /etc/postfix # cp /etc/ssl/mail_signed_cert.pem /etc/postfix # chown root /etc/postfix/mailkey.pem # chmod 400 /etc/postfix/mailkey.pem # cp /etc/ssl/demoCA/cacert.pem /etc/postfix Now add the followings to /etc/postfix/main.cf : smtpd_use_tls = yes smtpd_tls_key_file = /etc/postfix/mailkey.pem smtpd_tls_cert_file = /etc/postfix/mail_signed_cert.pem smtpd_tls_CAfile = /etc/postfix/cacert.pem In /etc/postfix/master.cf delete the “#” sign from smtps and the next two columns from it smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes
Load more

Recommended publications
  • CYRUS: BUILD YOUR TUTORIAL OWN EMAIL SERVER Don’T Trust Google? We’Ll Help You Navigate the Sea of JOHN LANE Acronyms to Build Your Own Mailserver
    TUTORIAL MAILSERVER CYRUS: BUILD YOUR TUTORIAL OWN EMAIL SERVER Don’t trust Google? We’ll help you navigate the sea of JOHN LANE acronyms to build your own mailserver. ou can’t beat the convenience and ease of use access their mail by connecting to the server using WHY DO THIS? offered by Gmail. But unfortunately, all that any IMAP-capable email client application. • Take control of your Yfree storage comes at a price: your privacy. You will need a, preferably new, server for this email provision. Spam, intrusive adverts and snooping from unnamed project and you’ll need root access to it. Our examples • Stop outside agencies government agencies are the inevitable downside of use Arch Linux, and we created a new virtual server. from scanning the using someone else’s service for free. So why not Begin by installing Cyrus (build the Arch User content of your emails. build your own email server including anti-spam, Repository package first – see the boxout below-right): • Get webmail without advertising. anti-virus and webmail? $ pacman -U ~build/cyrus-imapd/cyrus-imapd-2.4.17-5-x86_64. You can use your own server to retrieve messages pkg.tar.xz from other mailservers, such as those provided by The default configuration writes data to /var/imap internet service providers, or other services like those and user mailboxes to /var/spool/imap. You can from Google and Yahoo. But you don’t need to rely on change this if you prefer another location; we’ll others if you have your own server. If you have a configure our server to use /srv/mail/cyrus to domain name that you control, and if you can give your illustrate this.
    [Show full text]
  • Cyrus Mail Server 2 Table of Contents
    Univention Corporate Server Cyrus mail server 2 Table of Contents 1. Introduction ........................................................................................................................ 4 2. Installation ......................................................................................................................... 5 3. Management of the mail server data ....................................................................................... 6 3.1. Management of mail domains ..................................................................................... 6 3.2. Assignment of e-mail addresses to users ........................................................................ 6 3.3. Management of mailing lists ....................................................................................... 7 3.4. Management of mail groups ........................................................................................ 7 3.5. Management of shared IMAP folders ........................................................................... 8 3.6. Mail quota ............................................................................................................... 9 4. Spam detection and filtering ................................................................................................ 10 5. Identification of viruses and malware .................................................................................... 11 6. Identification of Spam sources with DNS-based Blackhole Lists (DNSBL) ...................................
    [Show full text]
  • Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University
    Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University ABSTRACT The attack surface concept provides a means of discussing the susceptibility of software to as-yet-unknown attacks. A system’s attack surface encompasses the methods the system makes available to an attacker, and the system resources which can be used to further an attack. A measurement of the size of the attack surface could be used to compare the security of multiple systems which perform the same function. The Internet Message Access Protocol (IMAP) has been in existence for over a decade. Relative to HTTP or SMTP, IMAP is a niche protocol, but IMAP servers are widely deployed nonetheless. There are three popular open source UNIX IMAP servers – UW-IMAP, Cyrus, and Courier-IMAP – and there has not been a formal security comparison between them. In this paper, I use attack surfaces to compare the relative security risks posed by these three products. I undertake this evaluation in service of two complementary goals: to provide an honest examination of the security postures and risks of the three servers, and to advance the study of attack surfaces by performing an automated attack surface measurement using a methodology based on counting entry and exit points in the code. Introduction Contributions and Roadmap System administrators frequently confront the The paper makes two major contributions. First, problem of selecting a software package to perform a I undertake an in-depth discussion of the relative secu- desired function. Many considerations affect this deci- rity postures of the three major open source IMAP sion, including functionality, ease of installation, soft- servers in use today.
    [Show full text]
  • Understanding Email Sending in Nagios XI
    The Industry Standard In Infrastructure Monitoring Nagios XI Understanding Email Sending Purpose This document describes how Nagios XI sends emails and explains how to configure your email settings. Nagios XI uses email to send notifications as well as for sending reports. Target Audience This document is intended for use by Nagios Administrators who want to understand in detail how emails are sent by Nagios XI. Navigation Email settings in Nagios XI are located in Admin > System Config > Manage Email Settings. 1295 Bandana Blvd N, St. Paul, MN 55108 [email protected] US: 1-888-624-4671 INTL: 1-651-204-9102 www.nagios.com © 2017 Nagios Enterprises, LLC. All rights reserved. Nagios, the Nagios logo, and Nagios graphics are the servicemarks, trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the property of their respective owner. Page 1 / 7 Updated – September, 2018 The Industry Standard In Infrastructure Monitoring Nagios XI Understanding Email Sending Web Browser Behavior There are some behaviors of your web browser which you need to be aware of. A lot of different web browsers will auto-complete / auto-populate fields on a web page when it loads. This usually only occurs when it sees a common field that does not have a value, it may have a saved value for that "named field" and hence it will populate that field with that saved value. If you open the Manage Email Settings page in Nagios XI you might notice that the username and password fields are already populated. You know that you didn't put a value in here, especially when this is the first time you've visited this page on a fresh install of Nagios XI.
    [Show full text]
  • Postfix−Cyrus−Web−Cyradm−HOWTO
    Postfix−Cyrus−Web−cyradm−HOWTO Luc de Louw luc at delouw.ch Revision History Revision 1.2.0 2002−10−16 Revised by: ldl The first release of the 1.2 version. Revision 1.1.7 2002−10−15 Revised by: ldl Added Michael Muenz' hints for SMTP AUTH, corrected ca−cert related mistake, improved SGML code (more metadata), updated the software mentioned in the document. Revision 1.1.6 2002−06−14 Revised by: ldl Added sasl_mech_list: PLAIN to imapd.conf, added web−cyradm Mailinglist, added more to web−cyradm Revision 1.1.5 2002−06−11 Revised by: ldl Added new SQL query to initialize web−cyradm to have full data integrity in the MySQL Database, mysql−mydestination.cf reported to be operational as expected. Revision 1.1.4 2002−05−15 Revised by: ldl Added description what is needed in /etc/services Another fix for pam_mysql compile, updated software versions. Revision 1.1.3 2002−05−08 Revised by: ldl Added more description for web−cyradm, fix for wrong path of the saslauthdb−socket, Fix for wrong place of com_err.h, protection of the TLS/SSL private key. Revision 1.1.2 2002−04−29 Revised by: ldl Added description for Redhat users how to install the init scripts. Revision 1.1.1 2002−04−29 Revised by: ldl Fixed bug in configuring cyrus−IMAP (disabled unused kerberos authentication) Revision 1.1.0 2002−04−28 Revised by: ldl Initial support for building cyrus from source, dropped binary installation for Cyrus, because configuration has changed with Release 2.1.x Revision 1.0.2 2002−04−25 Revised by: ldl Added basic description for sieve and correct sender handling, minor fixes to db related stuff, Added mysql−lookup for »mydestination« , fixed bug for building postfix with mysql support.
    [Show full text]
  • Brave Gnu World
    LINUXCOVERCOMMUNITY USERSTORY SchlagwortSchlagwortBrave GNU sollte Worldsollte hier hier stehen stehen Schlagwort sollte hier stehen COVER STORY The Monthly GNU Column BRAVE GNU WORLD This column looks into projects and current affairs in the world of free software from the perspective of the GNU Project and the FSF. In this issue, I’ll focus on Comspari and the EU decision on software patents. BY GEORG C.F. GREVE n the past, the German government the Kroupware project in 2002. The pub- principles back to front. For example, has often caused a (positive) stir due lic tender by the BSI was aimed to pro- many other solutions are based on the Ito its activities with free software. duce a groupware solution that would principle that the server is the king of The Federal Ministry of the Economy support strong cryptography and inte- the hill and the users have to bow down (BMWi) sponsored Gnupg [1], for exam- grate seamlessly into a heterogeneous and worship it. The Kolab server does ple. Add to this a number of accompany- environment. things differently. The program makes ing activities, such as a report by the The government office gave a consor- the user king, and gives the user power Bavarian Accounts Office, the KBST let- tium comprising Erfrakon, Klarälvdalens to do things. The software simply helps ter, and the highly acclaimed migration Datakonsult [2], and Intevation [3] the coordinate things as a central intermedi- guide by the Federal Ministry of the Inte- task of developing the software. Inter- ary. rior (BMI). nally, the design and the software was Kolab 1 combined so-called partial referred to as Kolab 1.
    [Show full text]
  • Set up Mail Server Documentation 1.0
    Set Up Mail Server Documentation 1.0 Nosy 2014 01 23 Contents 1 1 1.1......................................................1 1.2......................................................2 2 11 3 13 3.1...................................................... 13 3.2...................................................... 13 3.3...................................................... 13 4 15 5 17 5.1...................................................... 17 5.2...................................................... 17 5.3...................................................... 17 5.4...................................................... 18 6 19 6.1...................................................... 19 6.2...................................................... 28 6.3...................................................... 32 6.4 Webmail................................................. 36 6.5...................................................... 37 6.6...................................................... 38 7 39 7.1...................................................... 39 7.2 SQL.................................................... 41 8 43 8.1...................................................... 43 8.2 strategy.................................................. 43 8.3...................................................... 44 8.4...................................................... 45 8.5...................................................... 45 8.6 Telnet................................................... 46 8.7 Can postfix receive?..........................................
    [Show full text]
  • ESET MAIL SECURITY Installation Manual and User Guide
    ESET MAIL SECURITY Installation Manual and User Guide (intended for product version 4.0 and higher) Linux, BSD and Solaris Contents 1. Introduction..................................................................3 1.1 Main .........................................................................................3functionality 1.2 Key features.........................................................................................3 of the system 2. Terminology..................................................................5 and abbreviations 3. System..................................................................6 requirements 4. Installation..................................................................7 5. Architecture..................................................................8 Overview 6. Integration..................................................................10 with Email Messaging System 6.1 Bi-directional.........................................................................................11 email message scanning in MTA 6.2 Scanning.........................................................................................11 of inbound email messages 6.3 Scanning.........................................................................................11 of outbound email messages 6.4 Scanning of email messages downloaded from POP3/IMAP.........................................................................................11 server 6.5 Alternative.........................................................................................12
    [Show full text]
  • Analysis and Performance Optimization of E-Mail Server
    Analysis and Performance Optimization of E-mail Server Disserta¸c~aoapresentada ao Instituto Polit´ecnicode Bragan¸capara cumprimento dos requisitos necess´arios `aobten¸c~aodo grau de Mestre em Sistemas de Informa¸c~ao,sob a supervis~aode Prof. Dr. Rui Pedro Lopes. Eduardo Manuel Mendes Costa Outubro 2010 Preface The e-mail service is increasingly important for organizations and their employees. As such, it requires constant monitoring to solve any performance issues and to maintain an adequate level of service. To cope with the increase of traffic as well as the dimension of organizations, several architectures have been evolving, such as cluster or cloud computing, promising new paradigms of service delivery, which can possibility solve many current problems such as scalability, increased storage and processing capacity, greater rationalization of resources, cost reduction, and increase in performance. However, it is necessary to check whether they are suitable to receive e-mail servers, and as such the purpose of this dissertation will concentrate on evaluating the performance of e-mail servers, in different hosting architectures. Beyond computing platforms, was also analze different server applications. They will be tested to determine which combinations of computer platforms and applications obtained better performances for the SMTP, POP3 and IMAP services. The tests are performed by measuring the number of sessions per ammount of time, in several test scenarios. This dissertation should be of interest for all system administrators of public and private organizations that are considering implementing enterprise wide e-mail services. i Acknowledgments This work would not be complete without thanking all who helped me directly or indirectly to complete it.
    [Show full text]
  • Opensmtpd: Current State of Affairs
    From: "Gilles Chehade" <[email protected]> To: "Ah, Jacques Cousteau" <[email protected]> Date: Sun, 24 Sep 2017 CET Subject: OpenSMTPD, current state of affairs The plan - Made tons of slides, I'll just skip over some if needed... - Sick AF, may need to run out during the talk… - Should this happen, stay calm and don’t panic, I’ll be back :-) $ whoami - Gilles Chehade <[email protected]> - I'm also @poolpOrg on twitter and github - I live in the beautiful city of Nantes, France (west coast riprizent !) - OpenBSD user since 2.6 (1999), OpenBSD developer since 4.2 (2007) - Also used NetBSD and FreeBSD a lot in the past, I enjoyed all BSD systems - Started working on smtpd in 2007 as personal project for my own needs - pyr@, reyk@ and henning@ tricked me into turning it into OpenSMTPD - "It will be fun", they said with a grin. $ whoami - Currently a Lead-Developer for the Vente-Privée Group - Platinum Sponsor of EuroBSDCon 2017 btw, woohoo ! - We are hiring. We are hiring. We are hiring. We are hiring. Mail me ;-) - I no longer do R&D work in the mail industry - Still do mail experiments in private though ;-) - My daily job has NOTHING to do with mails whatsoever, no conflicts of interest - Vente-Privée has a few OpenSMTPD instances as main MTA - I wasn't sure, I had to ask Miky Mike, the guy who knows this stuff - We also have a few OpenBSD installs, not sure I can say where and why, so… The OpenSMTPD crew - Eric Faurot <[email protected]> aka "The Doctor" - Sunil Nimmagadda <[email protected]> - Jung Joerg <[email protected]> - We tend to cc: our diffs to Todd Miller <[email protected]> - We receive a few contributions from the community - Mostly Linux people, just saying..
    [Show full text]
  • Opensmtpd: We Deliver
    OpenSMTPD: we deliver Giovanni Bechis <[email protected]> LinuxCon Europe 2015 About Me I sys admin and developer @SNB I OpenBSD developer I Open Source developer in several other projects OpenSMTPD story I first import in late 2008 I default smtp server in OpenBSD since March 2014 I current version is 5.7.3 released October 5, 2015 I portable version is available for *BSD, Linux and MacOSX why OpenSMTPD ? I in OpenBSD we needed a new smtp server to replace sendmail(8) I Postfix has not a "good" licence (from an OpenBSD pov) I OpenSMTPD is designed with security in mind I pf.conf(5) like configuration file OpenSMTPD: security in mind I multiple processes I privilege revocation I chroot I strlcpy(3), reallocarray(3), arc4random(3), imsg, ... I no auth on unsecure connections I crypt(3) as password hashing function OpenSMTPD: features I smtp protocol as defined in RFC 5321 I backup mx support I mbox and maildir support I authentication inbound and outbound with multiple backends I masquerade support I mailwrapper(8) for sendmail(8) I filters I compressed or crypted mail queue OpenSMTPD: extras I in base src code lives the main smtp server implementation I in extra src code lives all extra features: I table(5) support for different databases I different queue backends I different schedulers I filters OpenSMTPD: basic configuration listen on lo0 table aliases db:/etc/mail/aliases.db # accept from any for domain "example.org" alias <aliases> deliver to mbox accept for local alias <aliases> deliver to mbox accept from local for any relay OpenSMTPD:
    [Show full text]
  • Installing and Configuring HCL Domino 11.0.1 on Centos 8 Enterprise Linux
    Installing and Configuring HCL Domino 11.0.1 on CentOS 8 Enterprise Linux Devin S. Olson ([email protected]) Reviewed by Wes Morgan ([email protected]) 09 October 2020 Copyright 2020 HCL Technologies Ltd. Introduction ............................................................................................................................................... 3 CentOS 8 Enterprise Linux ........................................................................................................................... 4 System Requirements ............................................................................................................................................4 Domino Specific Configuration .................................................................................................................... 5 Security Enhanced Linux ........................................................................................................................................5 Required Packages ................................................................................................................................................5 Conflicting Services ...............................................................................................................................................5 User Account .........................................................................................................................................................5 Domino Installation ...................................................................................................................................
    [Show full text]